A Recommender System for Improving Program Security Through Source Code Mining and Knowledge Extraction

Author

Fitzroy Nembhard, Florida Institute of Technology

Date of Award

7-2018

Document Type

Dissertation

Degree Name

Doctor of Philosophy (PhD)

Department

Computer Engineering and Sciences

First Advisor

Marco M. Carvalho

Second Advisor

Carlos Otero

Third Advisor

Thomas C. Eskridge

Fourth Advisor

William H. Allen, III

Abstract

The security of computer programs and systems is a very critical issue. Threats against computer networks and software are on the rise. Therefore, businesses and IT professionals should take steps to ensure that their information systems are as secure as possible. However, many programmers and software engineers do not think about adding security to their programs until their projects are near completion, which results in vulnerable and insecure systems that could be exploited by attackers. This dissertation presents a recommender system to help programmers write more secure code. We created a model that mines and categories source code from existing open source projects and uses machine learning and text mining techniques to offer recommendations and example fixes to programmers of where security could be included in their projects. We achieved positive results in the performance and statistically significant results regarding the usability and the ability of the system to help programmers write more secure code.

Recommended Citation

Nembhard, Fitzroy, "A Recommender System for Improving Program Security Through Source Code Mining and Knowledge Extraction" (2018). Theses and Dissertations. 784.
https://repository.fit.edu/etd/784